Skip to content

Ship passive topology evidence capture#89

Merged
BadgerOps merged 2 commits into
masterfrom
network-group-overrides
Jun 12, 2026
Merged

Ship passive topology evidence capture#89
BadgerOps merged 2 commits into
masterfrom
network-group-overrides

Conversation

@BadgerOps

@BadgerOps BadgerOps commented Jun 11, 2026
edited
Loading

Copy link
Copy Markdown
Owner

Summary

  • Add normalized passive topology evidence ingest, evidence APIs, map layers, evidence filters, and UI evidence panels/actions.
  • Add admin-requested passive observation windows: the agent skips cadence/jitter, runs bounded local tcpdump on configured/default-route interfaces, parses the temporary pcap locally, deletes it, and uploads only normalized evidence summaries.
  • Keep the implementation passive-only: no SNMP polling/walks, no active probing, no raw pcap upload, and optional flow summaries are header-only.
  • Expand tcpdump parsing for VLAN IDs, LLDP/CDP, ARP, DHCPv4/DHCPv6, DNS/mDNS/LLMNR/NBNS, IPv6 RA/ND, SSDP, WS-Discovery, STP/LACP, HSRP/VRRP/CARP, visible routing hints, BGP, and aggregated flow summaries.
  • Preserve discovery/service display names safely by normalizing schema-invalid top-level name values while retaining originals in metadata.raw_name, fixing the Epson mDNS 422 check-in failure.
  • Treat missing observations in later full snapshots as stale historical data, not removals; check-in audit details now include observation and evidence created/refreshed/reactivated/stale/removed counts.
  • Retain saved/manual network groups as operator truth, with hidden/expected group controls and map/export suppression behavior.
  • Bump backend to 0.18.0, frontend to 0.17.0, and passive agent to 0.16.0 with concrete changelog entries.

Verification

  • nix develop -c .venv/bin/python -m py_compile agent/grapheon_agent.py agent/tests/test_grapheon_agent.py backend/routers/agents.py backend/tests/test_agents.py
  • nix develop -c .venv/bin/python -m pytest agent/tests/test_grapheon_agent.py::test_parse_dns_evidence_sanitizes_service_instance_names backend/tests/test_agents.py::TestAgentEnrollmentAndCheckIn::test_full_snapshot_observations_mark_stale_per_agent backend/tests/test_agents.py::TestAgentEnrollmentAndCheckIn::test_full_snapshot_observation_identity_for_address_route_and_connection
  • nix develop -c .venv/bin/python -m pytest
  • nix develop -c npm --prefix frontend run build
  • nix develop -c .venv/bin/python scripts/validate_versions.py

Notes

  • Full pytest passed with 418 passed, 1 skipped.
  • Frontend build passes with the existing Vite large chunk warning.
  • No *.pcap, *.pcapng, or *.cap artifacts were added.
  • .pipeline/ contains local ship handoff files and remains ignored.

@BadgerOps BadgerOps changed the title Add persistent network group overrides Ship passive topology evidence capture Jun 12, 2026
@BadgerOps BadgerOps merged commit 2d94bcb into master Jun 12, 2026
3 checks passed
@BadgerOps BadgerOps deleted the network-group-overrides branch June 12, 2026 00:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BadgerOps